Bug 132916

Summary:

Inline caching for proxies clobbers baseGPR too early

Product:

WebKit

Reporter:

Mark Hahnenberg <mhahnenberg>

Component:

JavaScriptCore

Assignee:

Mark Hahnenberg <mhahnenberg>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

commit-queue, fpizlo

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

132705

Attachments:

Description	Flags
Patch	none

Description Mark Hahnenberg 2014-05-14 11:10:49 PDT

It clobbers it prior to the Structure checks, so if any of the checks fail then the slow path gets the target of the proxy rather than the proxy itself. We need to delay the clobbering of baseGPR until we know the inline cache is going to succeed.

Comment 1 Mark Hahnenberg 2014-05-14 13:01:25 PDT

Created attachment 231463 [details]
Patch

Comment 2 WebKit Commit Bot 2014-05-14 13:49:28 PDT

Comment on attachment 231463 [details]
Patch

Clearing flags on attachment: 231463

Committed r168861: <http://trac.webkit.org/changeset/168861>

Comment 3 WebKit Commit Bot 2014-05-14 13:49:30 PDT

All reviewed patches have been landed.  Closing bug.